Journal of Digital Forensics, Security and Law, Vol. 7(2)
149
Technology Corner
Automated Data Extraction Using Facebook
Nick V. Flor
Marketing, Information & Decision Sciences
Anderson School of Management
University of New Mexico
ABSTRACT
Because of Facebook’s popularity, law enforcement agents often use it as a key
source of evidence. But like many user digital trails, there can be a large amount
of data to extract for analysis. In this paper, we explore the basics of extracting
data programmatically from a user’s Facebook via a Web app. A data extraction
app requests data using the Facebook Graph API, and Facebook returns a JSON
object containing the data. Before an app can access a user’s Facebook data, the
user must log into Facebook and give permission. Thus, this approach is limited
to situations where users give consent to the data extraction.
AUTOMATED DATA EXTRACTION USING FACEBOOK
Facebook is the world’s most popular social networking site. The site allows
users to post text, pictures, and videos, as well as to view other users’ content—
subject to friend and privacy settings. On a given day, Facebook reports an
average of 526 million active users on their site, with over 80% of its monthly
active users outside the United States and Canada (Facebook, 2012). In the
United States alone slightly over 50% of the population has a Facebook account.
Because of its popularity, many individuals under criminal investigation are likely
to have Facebook accounts, and it is common for law enforcement agents to
subpoena a suspect’s Facebook records as governed by the United States Code,
Title 18, Chapter 121, Sections 2701-2712—“Stored wire and electronic
communications and transactional records access” (Facebook, 2012b).
When investigators receive a user’s Facebook records via subpoena they get an
archive similar to what Facebook calls the user’s “Expanded Archive”, which the
site allows users to download on demand (Facebook, 2012a). This archive
includes a user’s: profile information, postings, friends postings, photos and
videos uploaded, friend list, notes, event RSVPs, sent & received private
messages, IP addresses, login info, log out info, pending friend requests, account
status changes, poke info, events info, mobile phone numbers, currently listed city
& hometown, family member names, relationship info, list of languages, and
history of changes made to the account name.